http://www.eweek.com/article/0,3658,s=701&a=26622,00.asp
By Dennis Fisher
May 9, 2002
LAS VEGAS -- Despite the current emphasis on security in the IT
industry, CIOs and IT managers are still not paying enough attention
to the problems facing their organizations, a panel of security
experts said Wednesday.
"Security is still very much an afterthought," said Robert Thomas, CEO
of Netscreen Technologies Inc., of Sunnyvale, Calif. "It's reactive
and not proactive."
Thomas' comments came during a keynote panel discussion at the
NetWorld+Interop show here that also included representatives from
Network Associates Inc., Enterasys Networks and Internet Security
Systems Inc.
The other panelists echoed Thomas' sentiments, saying that although
security currently is getting a lot of attention, the basic
infrastructure of the Internet and corporate networks is still
fundamentally vulnerable.
"The reality is, everything is vulnerable. I just don't believe that
we'll ever get ahead of the attacks," said John Roese, chief
technology officer of Enterasys, of Portsmouth, N.H. "There will
always be a threat, and you'll never be completely protected. I'm
disturbed that most enterprises don't have the mechanisms to react to
things like Code Red and Nimda."
That lack of readiness extends to the government and its vital
networks, said Christopher Klaus, co-founder and CTO of ISS, of
Atlanta.
"Any system that the government says isn't connected to the Internet,
that's false," said Klaus, whose company does quite a bit of work with
the government. "There's always some engineer who needs to get his
e-mail and he plugs the machine into the Internet."
And, although many enterprises revisited their security plans after
Sept. 11, that hasn't necessarily translated into a boon for security
vendors.
"The increase in spending on security products hasn't been that big,"
said Sandra England, vice president of business development and
strategic research at Network Associates, of Santa Clara, Calif.
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.